Searching for Assets

Applies to Product: USM Appliance™ LevelBlue OSSIM®

You can either search for or filter your assets by simply typing what you are looking for in the search box, in the upper left-hand corner of the Asset List view. (For UI definitions, see Asset List View.)

The system searches on different fields depending on what you enter:

The result of your search displays with the number of assets identified.

Assets page with results of a search.

USM Appliance provides a large selection of filters, so that you can find assets easily.

Asset filter in the asset list view
Filter Name Description
Has Alarms Identify assets with open alarms.
Has Events Identify assets with events.
Vulnerabilities Identify assets with vulnerabilities of all severity levels: Info, Low, Medium, High and Serious. Slide the bar to exclude one or more levels.
Asset Value Identify assets with a specific asset value, from 0 to 5. Slide the bar to exclude one or more values.
HIDS Status Identify assets with different HIDS connection status. Includes Connected, Disconnected and Not Deployed.
Availability Status Identify assets with different availability status. Includes Up, Down, and Unconfigured.
Show Assets Added Identify assets based on date added.
Last Updated

Identify assets based on last date updated.

More Filters Contains additional filters including Network, Group, Sensor, Device Type, Service, Operating System, Software, Model, Label, Location, and Plugin. Essentially you can filter on every field that classifies or describes an asset.

When applying filters, the search uses a logical "AND" operator when you use different filters. For example, the following search looks for assets that have alarms and events, which were added during the last day:

Assets page with search results for "AND" operator.

When you use the same filter multiple times, such as Network in the following example, USM Appliance uses the logical "OR" operator instead:

Assets page with search results for "AND" and "OR" operators.